Password-less SSH Login

On occasion I have the need to establish trust relationships between Unix boxes so that I can script file transfers. In short, here’s how you leverage SSH to do that. Using the example of trying to connect from server ‘ender’ to get a file on ‘bean’ follow this example:

  1. Connect to ender
  2. type: ssh-keygen -t rsa
    • default directory for keyfiles will be ~/.ssh/
    • if you do not want to be prompted, leave passphrase blank
  3. copy the contents of .ssh/id_rsa.pub (there should only be one line)
  4. place this line on bean, in ~/.ssh/authorized_keys
  5. that’s it, you should now be able to ssh/sftp/scp from ender to bean without being prompted for a password!

For further detail and a more complete example check this site out.

Update: You must have "RSAAuthentication yes" in your /etc/ssh/sshd_config file. On many Linux installations this setting is commented out in a default install

authentication, keygen, linux, pass phrase, password, scp, sftp, solaris, ssh, system administration, unix

18 thoughts on “Password-less SSH Login

  1. Pingback: spiralbound.net » Changes to Solaris ssh_config for Password-less SSH Login

  2. Jon

    Using these instructions I’ve just set up my Mac OSX desktop to connect to one of our servers without the need for a password.

    I also saved the connection info in a terminal shortcut so I can connect to the server just as easily as I can open a terminal window.

    Thanks for these instructions!

  3. earle goodfellow

    I was having trouble getting this working but a bit of research led me to making the authorized_keys file non group writeable… then it all burst into life

  4. Pingback: Life After Coffee » SSH Without A Password

  5. Marc

    Maybe I’m paranoid, but having a private key without a passphrase freaks me out, so I use a key with a passphrase and then I use keychain (from the Gentoo project) to cache my decrypted keys in an ssh-agent process.

    It’s too involved for me to post all the details, but if folks want, I could possibly detail it all in a blog post.

  6. kc

    One other thing that you may want to check is that the authorized_keys file is not group and world read/write permissions set. It got me stumped until I did a tail on the messages/secure log file to understand what was happening.

  7. Storm

    For those who are as dense as myself.. authorized keys is a file, not a directory.. when you put it in, it is appending a file, not adding files to a directory.

  8. Pingback: Life After Coffee » Secure remote file copy

  9. Dustin

    I am not sure about everybody else but for me the permissions on the .ssh directory were very important. I was not able to get this to work unless I removed all from group and other. A chmod 600 or 700 might be required.

    Thanks for the help. Nice tutorial!

  10. Pingback: Bash backup scripts including mysql backup at max words

  11. Pingback: Kladblog » Blog Archive » Wachtwoordloze SSH login

  12. Pingback: Distributed NLTK with execnet « streamhacker.com

  13. Chris West

    Thanks a lot for this post. I am new to using Macs and because of posts like this, I am starting to like Macs more and more. I used this to get a growl notification to work whenever a certain phrase is appended to a log file.

Comments are closed.